Criminals, spies swamp cyber world: experts

August 4, 2010
by Sebastian Smith

Speaking about the dire state of online security, leading IT security experts are claiming there is no way to prevent threats and to defend large-scale environment today.

Finally the world has a hacker-proof communications device. The bad news? It's a brick in a glass case. The joke, told to a cyber conference Tuesday in New York, illustrates what top US experts describe as the dire state of online security.

"Threats today are basically not preventable," said Amit Yoran, a leading IT security consultant and CEO of NetWitness Corporation. "There's basically no way to defend any large-scale environment today."

The spoof brick really exists -- right in the lobby of the secretive US National Security Agency, Yoran said. And that's to remind America's top cyber spooks how limited their powers really are.

Yoran described a world where hackers operate mostly with impunity, since they are rarely caught -- or extradited when found -- and at great profit.

Nor are they all lone teenage computer geniuses playing for kicks.

Organized gangs and government-sponsored spies are the real threat, making cyber crime a bigger sector even than drug trafficking, he said. "It's a very complex set-up."

The gloomy diagnosis from the FBI-sponsored conference at New York's Fordham University comes when the Internet and society are becoming more integrated by the minute.

Last year saw 10 trillion dollars in online business, a figure forecast to hit 24 trillion in another decade, he noted.

Yet, incredibly, the business world has yet to grasp the threat that online thieves and vandals pose. Almost half of small businesses don't use anti-virus software and even fewer use it properly, Schmidt warned.

"There has been enough exfiltration of personal property in this country in the past years to fill the Library of Congress over and over again. So we must do more."

But chasing cyber criminals is a task that can exasperate the most powerful sleuth.

"Cyber criminals are not constrained by geographic borders," said Michael DuBose, head of the computer crime section at the Department of Justice.

"A Romanian hacker sitting at his kitchen table can penetrate a US network within seconds and exit just as quickly."

The hackers' "world has become a lot smaller," he added, but "they prey on what is essentially a global victim pool."

Another hurdle, according to the FBI's cyber division deputy assistant director, Jeffrey Troy, is outdated legislation, combined with the usual complications of cross-border probes.

"We need to be operating like one global law enforcement agency," he said. Instead "a lot of countries don't have laws that fit the crime... We're using laws that were written when no one even had thought of the crime."

Experts at the conference also lamented what they said was the failure of private software companies to come up with adequate defenses.

In the end, they said, all that can be done is to mitigate the problem and make the hacking business -- ranging from theft of bank details and spam advertising to espionage and terrorist sabotage -- less easy.

Gary Gagnon, from the IT security firm MITRE, joked the biggest problem was people -- "users who just can't help clicking" on infected files.

But he said no one should ever feel smug about security levels.

"If (hackers) are determined to get in our network, they'll get in. The odds are stacked in their favor."

Recommended for you

James Dyson announced Tuesday he was investing £2.0 billion ($2.7 billion, 2.3 billion euro) into developing an electric car by 2020, a new venture for the British inventor of the bagless vacuum cleaner.

A pair of Purdue University professors are using the popular Nintendo Wii gaming system to help people with Parkinson's disease. Jessica Huber and Jeff Haddad from the College of Health and Human Sciences are studying how ...

Robots perform many tasks that humans can't or don't want to perform, getting around on intricately designed wheels and limbs. If they tip over, however, they are rendered almost useless. A team of University of Illinois ...

1 comment

Lots of ways to mitigate the problem with a positive ROI. Change the economics of hacking to reduce it. This is the technology behind reducing buglaries and traditional crime.

Article suggests nothing can be done and it requires thousands of isolated individuals and business to spontaneously change their behavior.

By fallacious discounting and not considering the other solutions, the article then leaves us with the only possible solution suggested "We need to be operating like one global law enforcement agency". . . hmm. looks like a hijacked agenda to me. I'm not arguing that a global police system wouldn't help with hackers. . . We could also solve the problem by setting fire to all computers. Just because a solution solves the problem doesn't make it a good choice.

Please sign in to add a comment.
Registration is free, and takes less than a minute.
Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.